/*
 *
 *  * | Licensed 未经许可不能去掉「OPENIITA」相关版权
 *  * +----------------------------------------------------------------------
 *  * | Author: xw2sy@163.com
 *  * +----------------------------------------------------------------------
 *
 *  Copyright [2024] [OPENIITA]
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 * /
 */

package cc.iotkit.system.service.impl;

import cc.iotkit.common.constant.TenantConstants;
import cc.iotkit.common.model.RoleDTO;
import cc.iotkit.common.satoken.utils.LoginHelper;
import cc.iotkit.common.utils.StringUtils;
import cc.iotkit.data.system.ISysDeptData;
import cc.iotkit.data.system.ISysRoleDeptData;
import cc.iotkit.system.dto.vo.SysRoleVo;
import cc.iotkit.system.dto.vo.SysUserVo;
import cc.iotkit.system.service.ISysMenuService;
import cc.iotkit.system.service.ISysPermissionService;
import cc.iotkit.system.service.ISysRoleService;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Service;

import java.util.HashSet;
import java.util.List;
import java.util.Set;

/**
 * 用户权限处理
 *
 * @author ruoyi
 */
@RequiredArgsConstructor
@Service
public class SysPermissionServiceImpl implements ISysPermissionService {

    private final ISysRoleService roleService;
    private final ISysMenuService menuService;

    private final ISysRoleDeptData roleDeptData;

    private  final ISysDeptData deptData;

    /**
     * 获取角色数据权限
     *
     * @param userId  用户id
     * @return 角色权限信息
     */
    @Override
    public Set<String> getRolePermission(Long userId) {
        Set<String> roles = new HashSet<>();
        // 管理员拥有所有权限
        if (LoginHelper.isSuperAdmin(userId)) {
            roles.add(TenantConstants.SUPER_ADMIN_ROLE_KEY);
        } else {
            roles.addAll(roleService.selectRolePermissionByUserId(userId));
        }
        return roles;
    }

    /**
     * 获取用户所属角色的部门权限
     * @param user
     * @return
     */
    public Set<String> getRoleDeptPermissons(SysUserVo user){
        Set<String> deptIds=new HashSet<>();
        for(SysRoleVo role : user.getRoles()){
            if(role.getDataScope().equals("1")){
                deptIds.add("ALL");
            }else if(role.getDataScope().equals("2")){
                //获取角色的自定义部门
              List<Long> ids=  roleDeptData.findByRoleId(role.getId());
              ids.forEach(deptId->deptIds.add(deptId.toString()));
            }else if(role.getDataScope().equals("3")){
                //本部门
                deptIds.add(user.getDeptId().toString());
            }else if(role.getDataScope().equals("4")){
                //本部门及以下
                String ancestors= user.getDept().getAncestors()+ StringUtils.SEPARATOR+user.getDept().getId();
                List<Long> ids=  deptData.findDeptAndChildrenDept(user.getDept().getId(),ancestors);
                ids.forEach(deptId->deptIds.add(deptId.toString()));
            }else{
                //仅自己,默认具备查看自己的数据权限
                //deptIds.add("USER_ONLY");
            }
        }
        return deptIds;
    }

    /**
     * 获取菜单数据权限
     *
     * @param userId  用户id
     * @return 菜单权限信息
     */
    @Override
    public Set<String> getMenuPermission(Long userId) {
        Set<String> perms = new HashSet<>();
        // 管理员拥有所有权限
        if (LoginHelper.isSuperAdmin(userId)) {
            perms.add("*:*:*");
        } else {
            perms.addAll(menuService.selectMenuPermsByUserId(userId));
        }
        return perms;
    }
}
